How Businesses Can Cut Cloud Costs & Stay Secure on Virtual Desktop Systems

In today’s Guest Spotlight, Toby Skerritt of Foundation IT draws attention to innovative ways that businesses can stay secure and cut cloud costs on their virtual desktop systems.

Businesses have spent a record amount on cloud infrastructure services since the start of last year, with market analyst Canalys reporting a 32% increase, reaching $39.9bn. A high demand for cloud services to support remote work and distance learning through the pandemic, combined with organisations scaling up their digital transformations, has contributed to this rising spend. Platforms such as Azure saw a 50% growth in market share during Covid-19, with strong demand for virtual desktop solutions such as Windows Virtual Desktop (WVD).

Now, with lockdown restrictions gradually easing Gartner reports that 82% of leaders plan to maintain a blended way of working. As a result, providing a consistent work experience so employees remain productive whether remote or not, remains high on most board agendas.

Delivering this experience can be achieved in a variety of ways but also introduces significant security risks, particularly for companies in financial services or the medical sector who work with sensitive information daily.


What Can Businesses Do to Stay Secure?

The simplest solution is the one that many businesses already had in place – the Virtual Private Network or ‘VPN’. This provides a secure bridge between your user’s device and the corporate network, allowing them to work as they would if they were in the office. VPNs provide obvious benefits, but there are complications involved which require other solutions to make the process secure. Are the remote devices managed and are we confident that they pose no security risk to the corporate network? How do we secure the user’s home Wi-Fi network to ensure untrusted devices cannot access things they shouldn’t?

There are tools available that will help answer the questions above, but CEOs and CTOs need to be mindful that by extending your corporate network into your employees’ homes, you can fall into the trap of managing thousands of micro-networks, which will cause headaches for your IT team and the users involved.

A better option than extending your network out is to provide access in. Virtual Desktop Infrastructure (VDI) solutions have been around for years, and many of us will have experience of using a hosted service to access either a full desktop or specific application. By keeping the desktop and services within your environment, you can tightly manage the configuration and security of the platform, while removing the need to manage any aspects of the user’s home environment.

Traditionally, these services were hosted in datacentres and built to provide the right number of desktops for the userbase. These ‘on-premises’ solutions are still very much an option today, and most will be delivered via a Citrix, VMware or Microsoft platform. Such a service can deliver an excellent user experience at an acceptable price, however they require significant capital expenditure. On-premises solutions are ideal for organisations with a static user base. However, scaling up services will require the purchase of additional hardware, and the management of the whole platform will fall on the shoulders of your IT team.

This brings us to our third option: cloud-based desktops.

The Anywhere Office of Tomorrow’s new and exclusive report on hybrid working models is available now. We interviewed an international selection of C-Suite thought leaders to determine the future of Anywhere Operations. Access the full report free now.


Why Desktop-as-a-Service May Help

In many organisations, capital expenditure is no longer an option for IT initiatives. Services are moving wholesale to cloud providers who can offer the flexibility to grow and shrink as required. These platforms offer significant opportunities to businesses who are willing to adapt their usage and management processes. However, following the same processes as you did in traditional datacentres is likely to result in large bills. The key point here – services must be scaled based on requirement, and cost should only be accepted if it brings a business benefit.

Amazon Web Services and Microsoft Azure are by far the most popular cloud platforms for business, and both offer desktop services in the form of Amazon Workspaces and Windows Virtual Desktop respectively. The latter is a very interesting proposition, as it is now grouped under the Microsoft M365 banner. Microsoft are keen for businesses to adopt the Windows-as-a-Service (WaaS) model, and are specifically keen for Office 365 users to adopt their new desktop platform.

But cost is still a key barrier here, as cloud services are charged on a pay-as-you-use basis. Services must work well, but they must also be cost effective. As mentioned previously, cost should only be accepted if it brings a business benefit.

Running desktops 24/7 incurs significant cost. However, if users are only accessing the platform between 9-5, Monday to Friday, then the majority of this cost is wasted. It makes no sense to run a platform when not in use. In the traditional datacentre model, this was not an issue, as the servers were generally part of a pooled resource and only operational costs were incurred. However, now that the costs of cloud services aggregate the providers OPEX and CAPEX into minute-by-minute charges to the customer, we must do all in our power to ensure we are not paying more than we should. Luckily, there are some great tools and services available to help us achieve this.

Both AWS and Azure offer users the ability to create their own routines, runbooks or function apps to increase or reduce resources. However, there are also pre-built solutions available. For example, ‘Nerdio Manager for WVD’ provides a management console where intelligent automation can be configured to scale services up or down based on your preferred metrics, whether that’s the time of day or user demand.


A better option than extending your network out is provide access in. By keeping the desktop and services within your environment, you can tightly manage the configuration and security of the platform.

Toby Skerritt
Principal Architect, Foundation IT

Toby Skerritt

Intelligent Automation Equals Cost Savings

Using intelligent automation tools can provide dramatic cost savings. In the below example, an always-on desktop platform for 100 users (first graph) is compared to a platform which provides 50% availability out of hours (second graph). The scenario isn’t particularly aggressive, and users will always have access to a desktop if required. However, even in this scenario we see a saving of around 40%.

In most organisations, where desktop access is only required during the working week, we could easily achieve a saving of 70% or more over the ‘steady state’ cost. This potentially changes the adoption of cloud-based desktops from an interesting opportunity into a compelling one.

In a ‘pay-as-you-use’ scenario, organisations must be conscious of usage in order to achieve value. This point applies to both cloud desktop services and cloud services in general. Dynamic, intelligent scaling tools, whether purchased or developed in-house, can help all businesses to realise this value and reduce operational expenditure.

About Our Guest Writer

Toby Skerritt
Principal Architect, Foundation IT

Toby is the Principal Consultant at Foundation IT. Established in 1996, Foundation IT works with forward-thinking organisations that are looking to maximise the benefits from their IT infrastructure. Its managed IaaS and Azure IaaS solutions and services are designed for people that believe their IT infrastructure should be consumed ‘as-a-service.’ Toby has been at Foundation IT for 10 years, but previously he worked as a Senior Tech Developer for Hampshire County Council and as an ICT Teacher in Winchester.